search

pingcap / tidb-operator

TiDB operator creates and manages TiDB clusters running in Kubernetes.
https://docs.pingcap.com/tidb-in-kubernetes/
Apache License 2.0
1.22k stars 489 forks source link

Change to run all components as non root #3907

Open liubog2008 opened 3 years ago

liubog2008 commented 3 years ago

Feature Request

Is your feature request related to a problem? Please describe:

Now all containers of tidb-operator are run as root. Dockerfiles should be changed to build image as non-root for security practice.

Describe the feature you'd like:

Describe alternatives you've considered:

Teachability, Documentation, Adoption, Migration Strategy:

DanielZhangQD commented 3 years ago

From https://github.com/pingcap/tidb-operator/issues/3874#issuecomment-816546611 TODO: